New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: Declarative configuration of triggers via config file #813
Comments
We classify this a "wontfix" for security reasons; consider that someone has a git repo with a Our recommendation is that you initiate the trigger from a script that is explicitly run by the user; this gives them an opportunity to inspect what actions it may take before they occur, and crucially: that the potentially dangerous trigger doesn't happen implicitly as a side effect of looking at the watched directory structure. |
Thanks for the quick reply! How would you recommend setting up triggers for a user with shell set to |
What's the goal/background of making the user Ignoring that for now: if you own the system and know the user(s) for which you're setting this up ahead of time, then you could run the trigger setup ahead of time using |
Background: this user is used to run a headless bittorrent client, with its home dir containing various configuration files and state for that client. Watchman is run as a user service on that system, so this wouldn't provide any priv escalation to root. (I am absolutely overengineering this for the fun of it, btw - part of the goal is to have full declarative specification of my home server, with known sha hashes of build inputs & etc) |
I would like to be able to declaratively specify watchman triggers in the watchman config file, for triggers that I wish to be active for the lifetime of the watchman service (example: watching some directory and running a script for each torrent file added to it, to automate downloading linux distros). Currently, there is no way to do so, but since both the watchman config file and the watchman state file are stored as json, it should be fairly simple to include a config file field such as
additional_triggers
that uses the same trigger format as in the state file to allow for declarative configuration of triggers.The text was updated successfully, but these errors were encountered: